Cyberattack targets Montreal health agency, forcing it to go offline Canadian Underwriter

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.

MONTREAL – A Montreal health agency has been forced off-line as authorities deal with a cyberattack.

Quebec Health Minister Christian Dube said Thursday that specific attacks hit systems at the regional health agency covering west-central Montreal, which oversees the Jewish General Hospital among other facilities.

“Our teams quickly realized that there had been these attacks, and to protect the population’s data, particularly hospital data, the decision was taken to shut down the systems,” Dube told a news conference in Quebec City.

A statement from the agency said that as a preventive measure, “internet connectivity as well as external and remote access to our networks have been suspended.”

Access to patients’ records and data has been limited as a result, the statement said. “Frontline services have been slowed down – but not interrupted – while the situation is under investigation.”

Dube said the attack was possibly part of a broader campaign, but he didn’t make a direct link with a series of attacks that have hit American hospitals this week.

A joint alert was issued in the U.S. Wednesday by the FBI and two other agencies, warning of a cybercrime threat aimed at hospitals and health-care providers in that country.

The warning said cybercriminals were hitting the U.S. health-care system with ransomware attacks designed to scramble hospital information systems that can only be unlocked with software keys once a ransom is paid.

Dr. Lawrence Rosenberg, head of the health agency, told a press briefing Thursday that an “anomaly” was detected during a daily verification of the system which they determined was a “cybersecurity intrusion.”

Officials said it was caught quickly but they were still investigating the source and weren’t in a position to confirm or deny the attack was linked to the U.S. incidents.

There hasn’t been a ransom request, Rosenberg added.

“We are going through a fairly rigorous process of trying to get to the bottom of what we’ve found, eliminate it and get back online,” Rosenberg said, adding the work could take up to four days.

Steve Waterhouse, an internet security expert, said he…